* Thu Mar 01 2018 jmassaguerpla@suse.com
- Configuration files should be tagged in general as %config(noreplace)
in order to keep the modified config files.
see https://en.opensuse.org/openSUSE:Specfile_guidelines#Configuration_files
This fixes bsc#1083474
* Fri Jul 21 2017 msabate@suse.com
- Updated to 2.6.2
This release is a special security release to address an issue allowing
an attacker to force arbitrarily-sized memory allocations in a registry
instance through the manifest endpoint. The problem has been mitigated
by limiting the size of reads for image manifest content.
Details for mitigation are in 29fa466
Fixes bsc#1049850(CVE-2017-11468)
* Mon Jun 12 2017 abergmann@suse.com
- Add SuSEfirewall2 service file for TCP port 5000.
* Thu Apr 06 2017 msabate@suse.com
- Updated to 2.6.1;
* Fix Forwarded header handling, revert use of X-Forwarded-Port
* Use driver Stat for registry health check
fix bsc#1033172
* Fri Jan 27 2017 bg@suse.com
- enable build for s390x
* Wed Jan 18 2017 msabate@suse.com
- Updated to v2.6.0
[#]### Storage
- S3: fixed bug in delete due to read-after-write inconsistency
- S3: allow EC2 IAM roles to be used when authorizing region endpoints
- S3: add Object ACL Support
- S3: fix delete method's notion of subpaths
- S3: use multipart upload API in `Move` method for performance
- S3: add v2 signature signing for legacy S3 clones
- Swift: add simple heuristic to detect incomplete DLOs during read ops
- Swift: support different user and tenant domains
- Swift: bulk deletes in chunks
- Aliyun OSS: fix delete method's notion of subpaths
- Aliyun OSS: optimize data copy after upload finishes
- Azure: close leaking response body
- Fix storage drivers dropping non-EOF errors when listing repositories
- Compare path properly when listing repositories in catalog
- Add a foreign layer URL host whitelist
- Improve catalog enumerate runtime
[#]### Registry
- Export `storage.CreateOptions` in top-level package
- Enable notifications to endpoints that use self-signed certificates
- Properly validate multi-URL foreign layers
- Add control over validation of URLs in pushed manifests
- Proxy mode: fix socket leak when pull is cancelled
- Tag service: properly handle error responses on HEAD request
- Support for custom authentication URL in proxying registry
- Add configuration option to disable access logging
- Add notification filtering by target media type
- Manifest: `References()` returns all children
- Honor `X-Forwarded-Port` and Forwarded headers
- Reference: Preserve tag and digest in With* functions
- Add policy configuration for enforcing repository classes
[#]### Client
- Changes the client Tags `All()` method to follow links
- Allow registry clients to connect via HTTP2
- Better handling of OAuth errors in client
[#]### Spec
- Manifest: clarify relationship between urls and foreign layers
- Authorization: add support for repository classes
[#]### Manifest
- Override media type returned from `Stat()` for existing manifests
- Add plugin mediatype to distribution manifest
[#]### Docs
- Document `TOOMANYREQUESTS` error code
- Document required Let's Encrypt port
- Improve documentation around implementation of OAuth2
- Improve documentation for configuration
[#]### Auth
- Add support for registry type in scope
- Add support for using v2 ping challenges for v1
- Add leeway to JWT `nbf` and `exp` checking
- htpasswd: dynamically parse htpasswd file
- Fix missing auth headers with PATCH HTTP request when pushing to default port
[#]### Dockerfile
- Update to go1.7
- Reorder Dockerfile steps for better layer caching
[#]### Notes
Documentation has moved to the documentation repository at
`github.com/docker/docker.github.io/tree/master/registry`
The registry is go 1.7 compliant, and passes newer, more restrictive `lint` and `vet` ing.
* Mon Aug 01 2016 msabate@suse.com
- Updated to v2.5.0
[#]## Storage
- Ensure uploads directory is cleaned after upload is commited
- Add ability to cap concurrent operations in filesystem driver
- S3: Add 'us-gov-west-1' to the valid region list
- Swift: Handle ceph not returning Last-Modified header for HEAD requests
- Add redirect middleware
[#]### Registry
- Add support for blobAccessController middleware
- Add support for layers from foreign sources
- Remove signature store
- Add support for Let's Encrypt
- Correct yaml key names in configuration
[#]### Client
- Add option to get content digest from manifest get
[#]### Spec
- Update the auth spec scope grammar to reflect the fact that hostnames are optionally supported
- Clarify API documentation around catalog fetch behavior
[#]## API
- Support returning HTTP 429 (Too Many Requests)
[#]## Documentation
- Update auth documentation examples to show "expires in" as int
[#]## Docker Image
- Use Alpine Linux as base image
* Wed May 18 2016 msabate@suse.com
- Updated to v2.4.1. It contains the following fixes:
93d7624 Preserve author information in schema1 manifests
ba672e8 When a blob upload is committed prevent writing out hashstate in the subsequent close.
96230de Add a test with a missing _manifests directory
c0d3813 Move garbage collect code into storage package
011b7e4 Ensure GC continues marking if _manifests is nonexistent
0a1fcf9 Fix wording for dry-run flag in useage message for garbage collector.
ed02e88 Sorting completed parts by part number for a better accordance with the S3 spec
fd5a404 Add blobWrtiter.Close() call into blobWriter.Commit()
3f538ca add cn-north-1 to valid check
3330cc5 wait for DLO segments to show up when Close()ing the writer
775d096 Use correct media type for config blob in schema2 manifest
64a9727 Only check validity of S3 region if not using custom endpoint
dafb59f Ensure we log io.Copy errors and bytes copied/total in uploads
431e46a GCS: FileWriter.Size: return offset + buffer size for Writers that are not closed
* Thu Apr 14 2016 msabate@suse.com
- Upgraded to 2.4.0. Changelog:
* New S3 storage driver
The default s3 storage driver is now implemented on top of the official Amazon
S3 SDK, boasting major performance and stability goodness. The previous storage
is still available, but deprecated.
* Garbage Collector
A garbage collector tool has been added to the registry. For more details see
the garbage collector documentation.
* Tagged Manifest Events
Manifest push and pull events will now include the tag which was used in the
operation (if applicable).
* Relative URLs
The registry can now be configured to return relative URLs in Location headers.
* V1 Signature disabled
With the ongoing adoption of the schema 2 manifest format and deprecation of
signatures, this option will improve pull performance by generating and
returning a single libtrust signature.
* Gotchas
The RADOS storage driver has been removed. The registry can still be used with
Ceph as the storage backend using the swift driver in conjunction with the
Swift API gateway.
The command line format has changed to support subcommands. To run a registry
as before an additional subcommand - serve - is required.
The legacy S3 storage driver, based on adroll/goamz is now deprecated and will
be removed in a future release.
* Thu Mar 10 2016 msabate@suse.com
- Updated changelog
bsc#970507
The fix_version.patch file has been removed because it has been fixed upstream
* Thu Mar 10 2016 msabate@suse.com
- Removed old tarball
* Thu Mar 10 2016 msabate@suse.com
- Ugraded to 2.3.1. The changelog is as follows:
- Allow uppercase characters in hostnames (https://github.com/docker/distribution/commit/34c3acf8a8d800524ac06444290b26ed96d4dac0)
- Fix schema1 manifest etag and docker content digest header (https://github.com/docker/distribution/commit/d7eb5d118a6a14a6f320062296b1808506c35241)
- Add option to disable signatures (https://github.com/docker/distribution/commit/d1c173078fe47f45c7f7b96098410d4f13dd68ab)
- To avoid any network use unless necessary, delay establishing authorization (https://github.com/docker/distribution/commit/740ed699f40e1522faacb2a706e44fa1560af8ea)
- Extend authChallenger interface to remove type cast. (https://github.com/docker/distribution/commit/16445b67679e91eab408a40a34625aa1f4dabfd1)
- Enable proxying registries to downgrade fetched manifests to Schema 1. (https://github.com/docker/distribution/commit/36936218c2e6a4527fc99a5c04126bb1f4c7d55c)
* Fri Feb 05 2016 msabate@suse.com
- Update to 2.3
This Docker Registry release is the first to support the Image Manifest
Version 2, Schema 2 manifest format.
* Wed Sep 23 2015 jmassaguerpla@suse.com
- set exclusive arch to x86_64 since this is the only arch we build for
* Mon Sep 07 2015 jmassaguerpla@suse.com
- Update to 2.1.1 (bsc#948097)
This release provides a bug fix where the filesystem layout of manifests was
not backwards compatible with v2.0.x registries.
- Update to 2.1.0
- Support for listing Registry repositories
- Manifest and layer soft deletion
- Pull through caching (experimental)
- Storage Drivers
more details on: https://github.com/docker/distribution/releases
add fix_version.patch: fix version to 2.1.1 instead of git version
* Fri May 29 2015 fcastelli@suse.com
- Added README-registry.SUSE
* Fri May 29 2015 fcastelli@suse.com
- Create /etc/registry to hold all the configuration files of registry
* Thu May 14 2015 fcastelli@suse.com
- Update to 2.0.1:
* Enable blob streaming upload
* S3 consistency checking and better resource utilization
* Eliminate resource leakage in the notification system
* Request error and storage driver logging
* Documentation corrections and additions
* Fri Apr 17 2015 fcastelli@suse.com
- Update to 2.0.0: first stable release of distribution
* Thu Apr 16 2015 fcastelli@suse.com
- Update to 2.0.0-rc4: Several fixes have been made to contextual logging
output, including ensuring accurate http response status, authorized user
name and correct output of the version.